AB-Solution - The Ad Blocking Solution

[thelonelycoder]

So I'm trying to setup email, but I keep getting errors.

curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

From stackoverflow I believe it's because I need to enabled SSL on port 443, from what I have read it is because it can't connect to the server (or get a wrong answer), or there is an extra set of "<IfDefine NotDefined>" referenced in the secure virtual host configuration, tho I doubt a file I haven't touched would be wrong.

I'm using SMTP Server: smtp-mail.outlook.com, and Server port: 587. Confirmed that it is correct from support.office.com

Edit:
Seems to only be outlook problem. I created a new gmail instead.

You'd have to edit /mnt/<your device>/adblocking/scripts/send-email.sh to get the outlook address to work.
Change this line

curl --url smtps://$SMTP:$PORT \

to

curl --url smtp://$SMTP:$PORT \

The s in smtps needs to be removed.
Then it'll work.

AB4 has that option built in to use smtps or smtp.

Also, can't wait for AB4, was looking at PiHole and would love some graphs and easy way to see some stats. Just bad that the RPi dosn't support gigabit speed.

I wonder what you all expect me to code for the WebUI. Pie charts, cake and blinking text?
Realistically, I consider it done and a success when most if not all of the functionality from the SSH UI is working in the WebUI as well.

 

[M@rco]

Would you kindly post the error message that was displayed by curl?
The use of smtp.gmail.com and port 465 probably is set on 75% of the AB-Solution installations out there, including the four I have here.
Make sure you have set a application password and use that if you have two factor authentication enabled.

And if you're not (yet) using TFA, you might need to check this setting here: https://myaccount.google.com/lesssecureapps?pli=1
You need to be logged in to your Google Account to enable this setting. More info can be found here: https://support.google.com/accounts/answer/6010255?hl=en

Edit: when enabling the setting above, enabling TFA is definitely a wise thing to do, to secure access to your mail account.

 

[elorimer]

Say, I just noticed gmail email wasn't working:

email.cfg file verified

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (67) Login denied

 sending testmail failed

 Note the curl: error above and check your settings

Do the app passwords have to be renewed?

 

[thelonelycoder]

Say, I just noticed gmail email wasn't working:

email.cfg file verified

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (67) Login denied

 sending testmail failed

 Note the curl: error above and check your settings

Do the app passwords have to be renewed?

I use the same app pw since I created that dedicated account for router mails.
Have a cigar and when done, try again. Set your whisky down first.

 

[XIII]

On iOS it does not seem to fail gracefully as their appears a pop-up for every HTTPS request captured by pixselserv?

The pop-ups did not appear for some time, but today (29-Jan-2018) I got one when visiting the German Amazon website for https://aax-eu.amazon-adsystem.com

I'm actually surprised about this one, because I see a file /opt/var/cache/pixelserv/_.amazon-adsystem.com dated 21-Jan-2018 on my router...

I only got it once; could not reproduce it afterwards.

 

[M@rco]

I use the same app pw since I created that dedicated account for router mails.
Have a cigar and when done, try again. Set your whisky down first.

@elorimer: I just read some more and, if I understand correctly, it appears that sending mail using curl through smtp.gmail.com:465 actually requires the setting "Allow less secure apps" to be enabled, as Google requires Oauth. See my post above:

And if you're not (yet) using TFA, you might need to check this setting here: https://myaccount.google.com/lesssecureapps?pli=1
You need to be logged in to your Google Account to enable this setting. More info can be found here: https://support.google.com/accounts/answer/6010255?hl=en

Edit: when enabling the setting above, enabling TFA is definitely a wise thing to do, to secure access to your mail account.

So before setting down the whisky, you might want to check that setting first. You can use your free hand to click the link. It might solve your issue.

 

[thelonelycoder]

@elorimer: I just read some more and, if I understand correctly, it appears that sending mail using curl through smtp.gmail.com:465 actually requires the setting "Allow less secure apps" to be enabled, as Google requires Oauth.

I have that enabled too and as this account is for router mails only I'm not worried. The get forwarded to my main email account.

So before setting down the whisky, you might want to check that setting first. You can use your free hand to click the link. It might solve your issue.

Failing to be capable to do this feat, the wife could lend a helping hand as they generally are better at multitasking...

 

[Protik]

Is there any way to force pixelserv-tls to set the permissions correctly for the certificates? I did some tinkering with my USB and had to restore a backup of the files in the USB. After copying back the owner of the certificates is admin. I guess I need to change them to nobody for all of them?

 

[thelonelycoder]

Is there any way to force pixelserv-tls to set the permissions correctly for the certificates? I did some tinkering with my USB and had to restore a backup of the files in the USB. After copying back the owner of the certificates is admin. I guess I need to change them to nobody for all of them?

The owner of the certs itself does not matter.
What matters is the owner of the folder containing them. AB3 sets the owner to nobody for /opt/var/cache/pixelserv automatically when installing. If it fails to do that you can set it with:

chown nobody /opt/var/cache/pixelserv

AB4 re-checks the owner regularly when operation on files or folders are done.

 

[martinr]

AB4 re-checks the owner regularly when operation on files or folders are done.

All these “leaks” about AB4.... it’s going to be like the release of a new Apple iPhone: people will be queuing round the block ready to rush in as soon as the shop door opens at midnight.

 

[Frejoh4666]

I wonder what you all expect me to code for the WebUI. Pie charts, cake and blinking text?
Realistically, I consider it done and a success when most if not all of the functionality from the SSH UI is working in the WebUI as well.

Asking for pretty graphs is too much? Yea, probably too much.

For graphs I was thinking of having a number of request on y-axis and time on x-axis, then below have charts with the top 10-list. So when you compile the list is save the top 10 and show it when you entering the site with the last time it compiled the list. A quick and easy way to see whats happening on the network. I found that my N66U is sending a request to dns.msftncsi.com every 5sek, so I had 16705 request for about a day (the one below had 322).

Tho I'm probably getting spoiled from looking at the pretty PiHole UI and thinking of getting a minimalist version of it (I know it wont be, but still). I'm sure everyone will be happy with it when you release it. You are doing a fantastic job, and I really appreciate the work you have done with this program.

 

[Protik]

I wonder what you all expect me to code for the WebUI. Pie charts, cake and blinking text?
Realistically, I consider it done and a success when most if not all of the functionality from the SSH UI is working in the WebUI as well.

If the WebUI is responsive i.e. updates itself real time, then I will be more than happy for AB4.1. Then based on user experience, the type of charts can be modified further.

Edit: From my experience a pretty graph can be pretty much useless. And a simple graph can have more than enough information. So it can take little bit of trial and error to figure out the most meaningful way to visualize what AB4 will be doing.

 

[M@rco]

All these “leaks” about AB4.... it’s going to be like the release of a new Apple iPhone: people will be queuing round the block ready to rush in as soon as the shop door opens at midnight.

You mean... you're not in the queue yet? You'd better hurry up, because it's getting crowded here with all these pop-up camp sites When I read

cake

I realised there was no time to loose...

Just follow the signs in surrounding countries or at the airport with the

blinking text

and you'll know where you can find the place to be

 

[thelonelycoder]

All these “leaks” about AB4.... it’s going to be like the release of a new Apple iPhone: people will be queuing round the block ready to rush in as soon as the shop door opens at midnight.

There will be no more leaks until AB4 gets to the beta stage, I promise

I found that my N66U is sending a request to dns.msftncsi.com every 5sek, so I had 16705 request for about a day (the one below had 322).

Tools > Other settings, set this to No (best way):
Wan: Use DNS probes to determine if WAN is up (default: Yes)
Or in AB3 (second best way):
In experimental settings es, set Wanduck probing to off.

Tho I'm probably getting spoiled from looking at the pretty PiHole UI and thinking of getting a minimalist version of it (I know it wont be, but still). I'm sure everyone will be happy with it when you release it. You are doing a fantastic job, and I really appreciate the work you have done with this program.

I'm not saying the AB WebUI will be bland and lack any interesting features.
I meant my remark more to be in the region of I-am-a-lonelycoder and don't have (and want) a horde of other coders to build in goodies that I initially don't have the time to do.

Edit: From my experience a pretty graph can be pretty much useless. And a simple graph can have more than enough information. So it can take little bit of trial and error to figure out the most meaningful way to visualize what AB4 will be doing.

Exactly, this will be a first release, expect it to be very functional and pretty, without the stuff that encourages me to write the next better version

You'd better hurry up, because it's getting crowded here with all these pop-up camp sites

That's the spirit, it'll be worth the wait, no doubt.

 

[visortgw]

...

That's the spirit, it'll be worth the wait, no doubt.

That has definitely been the case with each and every version release!

 

[Protik]

There will be no more leaks until AB4 gets to the beta stage, I promise

Tools > Other settings, set this to No (best way):
Wan: Use DNS probes to determine if WAN is up (default: Yes)
Or in AB3 (second best way):
In experimental settings es, set Wanduck probing to off.

I'm not saying the AB WebUI will be bland and lack any interesting features.
I meant my remark more to be in the region of I-am-a-lonelycoder and don't have (and want) a horde of other coders to build in goodies that I initially don't have the time to do.

Exactly, this will be a first release, expect it to be very functional and pretty, without the stuff that encourages me to write the next better version

That's the spirit, it'll be worth the wait, no doubt.

May the beta with us soon.

Sent from my Moto G (5) Plus using Tapatalk

 

[punkinduster]

I am not to familiar with how everything works together but here is my question in hopefully not too long of a statement.

I bought an eero system last year to replace my Asus RT-AC66U. I found much better wireless coverage with 3 eeros than with one wireless router but I really missed the AB-Solution ad blocker and a few other router features. So, I reinstalled the Asus RT-AC66U and turned off the wireless on the router and put the eeros in bridge mode. This is working very well and I can use AB3 again. So now I was reading about the new V2 Bitdefender box that can be put in bridge mode between the cable modem and the Asus router for added security but I would have to turn off the DHCP server on the Asus router and let the Bitdefender box perform that duty.

My question is can I still use AB3 on the Asus router to block ads if the BD box is the DHCP server?

 

[thelonelycoder]

but I really missed the AB-Solution ad blocker and a few other router features.

Aww, thanks, that warms my heart!

So now I was reading about the new V2 Bitdefender box that can be put in bridge mode between the cable modem and the Asus router

Sorry, turning cold blooded again
That box likely uses it's own DHCP and DNS resolving, probably with Dnsmasq as your trusted Asus router does. This would outmaneuver downstream DNS manipulation such as AB does to block ads.

That Bitdefender box costs you $250.00 and a recurring yearly subscription fee.
My suggestion is to forget that box, sell or donate your AC66U and buy an RT-AC86U. Then employ Skynet and AB-Solution and you have a much better Solution with no recurring costs.

Dang, I'm happy again.

 

[M@rco]

My suggestion is to forget that box, sell or donate your AC66U and buy an RT-AC86U. Then employ Skynet and AB-Solution and you have a much better Solution with no recurring costs.

Dang, I'm happy again.

Amen.

Bitdefender Support sucks big time, imho, at least here in Europe, where they offer support from Romania (their HQ) and insist you write your support request in your native language instead of English (knowing that you'll get answer, translated from Romanian in your own language powered by Google Translate, which brings you no closer to a solution, on the contrairy). In English however, you at least get a response that seems to concern the issue you reported. They have an incredibly messy subscription administration, I had to battle more than once to get subscription expiry dates sorted out correctly, for private as well as business solutions. And the quality of their products isn't that great either, on many occassions I have had issues with digital vermin slipping right through under they're radar, where other (even freeware) solutions, did their jobs properly.

They do stay polite and show involvement, but it takes ages beforing getting anyone to understand you and solve the matter, that is if they're able to. After 5 years, with several subscriptions on products for private as well as business use, we decided to no longer prolong the contracts and switched to different solutions. Probably my best New Years resolution ever. And that's the moment when the (still ungoing) period starts to get rid of an incredible amount reminder e-mails on every e-mail address they manage to find of you, that your subscriptions have been ended and that you're fully exposed to dark, dodgy villans on the big, bad interwebs. Bitdefender? No, thank you. I lost my confidence a long time ago,

Dang, now I'm happy again too . This thread has a great therapeutic efficacy.

 

[seattle]

Tried many times, but still could not get pixelserv-tls working on my RT-AC66U (Firmware:380.69). Anyone has the same problems?


Checking pixelserv-tls (AB-Solution)... dead.
removing pixelserv-tls virtual IP 192.168.1.2
starting pixelserv-tls virtual IP 192.168.1.2
starting pixelserv-tls
writing the pixelserv-tls startup script
restarting pixelserv-tls to apply changes
Starting pixelserv-tls (AB-Solution)... failed.
checking pixelserv-tls status again:
---------------------------------------------------
pixelserv-tls appears not to be running
You now have three options:
1. Abort installation, to continue again from here
2. Abort installation and reset pixelserv-tls settings
3. Continue anyway, forcing the install


admin@RT-AC66U-2C68:/tmp/home/root# netstat -tuln | grep :80
tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN
tcp 0 0 192.168.1.1:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8082 0.0.0.0:* LISTEN